Lucene search

[email protected]CVE-2002-1080

HistoryOct 04, 2002 - 4:00 a.m.

CVE-2002-1080

2002-10-0404:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2002-1080

administration console

abyss web server

patch 2

remote attackers

gain privileges

modify server configuration

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.1%

JSON

The Administration console for Abyss Web Server 1.0.3 before Patch 2 allows remote attackers to gain privileges and modify server configuration via direct requests to CHL files such as (1) srvstatus.chl, (2) consport.chl, (3) general.chl, (4) srvparam.chl, and (5) advanced.chl.

CPENameOperatorVersion
aprelium_technologies:abyss_web_serveraprelium technologies abyss web servereq1.0.3
aprelium_technologies:abyss_web_serveraprelium technologies abyss web servereq1.0

CPE	Name	Operator	Version
aprelium_technologies:abyss_web_server	aprelium technologies abyss web server	eq	1.0.3
aprelium_technologies:abyss_web_server	aprelium technologies abyss web server	eq	1.0

References

archives.neohapsis.com/archives/bugtraq/2002-08/0229.html

www.aprelium.com/news/patch1033.html

www.iss.net/security_center/static/9957.php

www.securityfocus.com/bid/5548

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.1%

JSON